Privacy by Design (PbD) is the most common approach followed by software developers who aim to reduce risks within their application designs, yet it remains commonplace for developers to retain little conceptual understanding of what is meant by privacy. A vision is to develop an intelligent privacy assistant to whom developers can easily ask questions in order to learn how to incorporate different privacy-preserving ideas into their IoT application designs. This paper lays the foundations toward developing such a privacy assistant by synthesising existing PbD knowledge so as to elicit requirements. It is believed that such a privacy assistant should not just prescribe a list of privacy-preserving ideas that developers should incorporate into their design. Instead, it should explain how each prescribed idea helps to protect privacy in a given application design context; this approach is defined as Explainable Privacy. A total of 74 privacy patterns were analysed and reviewed using ten different PbD schemes to understand how each privacy pattern is built and how each helps to ensure privacy. Due to page limitations, we have presented a detailed analysis in [3]. In addition, different real-world Internet of Things (IoT) use-cases, including a healthcare application, were used to demonstrate how each privacy pattern could be applied to a given application design. By doing so, several knowledge engineering requirements were identified that need to be considered when developing a privacy assistant. It was also found that, when compared to other IoT application domains, privacy patterns can significantly benefit healthcare applications. In conclusion, this paper identifies the research challenges that must be addressed if one wishes to construct an intelligent privacy assistant that can truly augment software developers' capabilities at the design phase.
The design and development process for Internet of Things (IoT) applications is more complicated than for desktop, mobile, or web applications. IoT applications require both software and hardware to work together across multiple different types of nodes (e.g., microcontrollers, system-on-chips, mobile phones, miniaturised single-board computers, and cloud platforms) with different capabilities under different conditions. IoT applications typically collect and analyse personal data that can be used to derive sensitive information about individuals. Without proper privacy protections in place, IoT applications could lead to serious privacy violations. Thus far, privacy concerns have not been explicitly considered in software engineering processes when designing and developing IoT applications, partly due to a lack of tools, technologies, and guidance. This paper presents a research vision that argues the importance of developing a privacy-aware IoT application design tool to address the challenges mentioned above. This tool should not only transform IoT application designs into privacy-aware application designs but also validate and verify them. First, we outline how this proposed tool should work in practice and its core functionalities. Then, we identify research challenges and potential directions towards developing the proposed tool. We anticipate that this proposed tool will save many engineering hours which engineers would otherwise need to spend on developing privacy expertise and applying it. We also highlight the usefulness of this tool towards privacy education and privacy compliance.
The Internet of Things supports various industrial applications. The cooperation and coordination of smart things is a promising strategy for satisfying requirements that are beyond the capacity of a single smart thing. One of the major challenges for today's software engineering is the management of large and complex computing systems characterized by a high degree of physical distribution. Examples of such systems arise in many application domains. The number of connected devices grows from billions to hundreds of billions, so a maximum of automatisms must be integrated in IoT architectures in order to control and manage them. Software architects migrate to service-oriented architecture, and applications are now being constructed as service compositions. Since each IoT device includes one or more microservices, the increasing number of devices around the user makes them difficult to assemble in order to achieve a common goal. In this paper, we propose a self-assembling solution based on self-controlled service components, taking into account non-functional requirements concerning the offered quality of services and the structuration of the resulting assembly. Its aim is to build and maintain an assembly of services (taking into account the arrival of new peers or the failure of existing ones) that, besides functional requirements, also fulfils global quality-of-service and structural requirements.
User privacy concerns are widely regarded as a key obstacle to the success of modern smart cyber-physical systems. In this paper, we analyse, through an example, some of the requirements that future data collection architectures of these systems should implement to provide effective privacy protection for users. Then, we give an example of how these requirements can be implemented in a smart home scenario. Our example architecture allows the user to balance the privacy risks with the potential benefits and take a practical decision determining the extent of the sharing. Based on this example architecture, we identify a number of challenges that must be addressed by future data processing systems in order to achieve effective privacy management for smart cyber-physical systems.
The Internet of Things (IoT) is already transforming industries, cities, and homes. The economic value of this transformation across all industries is estimated to be trillions of dollars, and the societal impact on energy efficiency, health, and productivity is enormous. Alongside the potential benefits of interconnected smart devices comes increased risk and potential for abuse when embedding sensing and intelligence into every device. One of the core problems with the increasing number of IoT devices is the increased complexity that is required to operate them safely and securely. This increased complexity creates new safety, security, privacy, and usability challenges far beyond the difficult challenges individuals face just securing a single device. We highlight some of the negative trends that smart devices and collections of devices cause, and we argue that issues related to security, physical safety, privacy, and usability are tightly interconnected and that solutions addressing all four simultaneously are needed. Tight safety and security standards for individual devices based on existing technology are needed. Likewise, research that determines the best way for individuals to confidently manage collections of devices must guide the future deployments of such systems.
A secure downlink transmission system which is exposed to multiple eavesdroppers and is appropriate for Internet of Things (IoT) applications is considered. A worst-case scenario is assumed, in the sense that, in order to enhance their interception ability, all eavesdroppers are located close to each other, near the controller, and collude to form joint receive beamforming. For such a system, a novel cooperative non-orthogonal multiple access (NOMA) secure transmission scheme, in which an IoT device with a stronger channel condition acts as an energy harvesting relay in order to assist a second IoT device operating under weaker channel conditions, is proposed, and its performance is analyzed and evaluated. A secrecy sum rate (SSR) maximization problem is formulated and solved under three constraints: i) transmit power; ii) successive interference cancellation; iii) quality of service. By considering both passive and active eavesdropper scenarios, two optimization schemes are proposed to improve the overall system SSR. On the one hand, for the passive eavesdropper scenario, an artificial noise-aided secure beamforming scheme is proposed. Since this optimization problem is nonconvex, instead of using a traditional but highly complex brute-force two-dimensional search, it is conveniently transformed into a convex one by using an epigraph reformulation. On the other hand, for the active multi-antenna eavesdroppers scenario, the orthogonal-projection-based beamforming scheme is considered, and by employing the successive convex approximation method, a suboptimal solution is proposed. Furthermore, since for single-antenna transmission the orthogonal-projection-based scheme may not be applicable, a simple power control scheme is proposed.